Nulog

  1,407 downloads
1.2.14 GPL (GNU General Public License)    
2.7/5 11
Nulog is a PHP interface for the MySQL plugin for the ulogd netfilter log daemon and for NuFW SQL logging.

description

download

specifications

Nulog is a firewall log analysis interface written in php. Netfilter is able to log selected packets directly in a database like MySQL or PostgreSQL.

Nulog uses this interface to display security events in real-time on a user-friendly interface.

Here are some key features of "Nulog":

· show the last hosts that sent packets that got blocked by your firewall.
· show the last ports that hosts tried to open.
· search for packets logged from an host.
· search for packets logged for a given port.
· search for packets logged for a given user.

Installation

Settings up the database

To use it, create a mysql database ulogd, tape as root :

mysqladmin create ulogd

Next, populate the database using ulogd.mysqldump :

cat ulogd.mysqldump | mysql -u USER -p ulogd

Put your user and password in include/require.inc.

Note

The database is not the standard mysql database for ulogd. It add a few tables and indexes to have thing work fast.

Settings up netfilter

If you don�t use EdenWall or NuFW, you need to configure your netfilter installation.

Now you can log into the database. To log bad packet you have to use use ULOG

iptables -A FORWARD -j ULOG --ulog-nlgroup 1 --ulog-prefix "badif"

What's New in This Release:

· This release can use MySQL triggers instead of PHP code to compute statistical data.
read more   
Last updated on August 3rd, 2007
1  
Nulog

0 User reviews so far.

SUBMIT